Coverage priorities 1-5: test pure functions, extract interfaces, mock-based handler tests

- Priority 1: Test NewSendEmailTask + NewSendPushTask (5 tests)
- Priority 2: Test customHTTPErrorHandler — all 15+ branches (21 tests)
- Priority 3: Extract Enqueuer interface + payload builders in worker pkg (5 tests)
- Priority 4: Extract ClassifyFile/ComputeRelPath in migrate-encrypt (6 tests)
- Priority 5: Define Handler interfaces, refactor to accept them, mock-based tests (14 tests)
- Fix .gitignore: /worker instead of worker to stop ignoring internal/worker/

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

docs/openapi.yaml

@@ -2704,6 +2704,105 @@ paths:
         '404':
           $ref: '#/components/responses/NotFound'
 
+  /auth/account/:
+    delete:
+      tags: [Authentication]
+      summary: Delete user account
+      description: Permanently deletes the authenticated user's account and all associated data
+      security:
+        - tokenAuth: []
+      requestBody:
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                password:
+                  type: string
+                  description: Required for email-auth users
+                confirmation:
+                  type: string
+                  description: Must be "DELETE" for social-auth users
+      responses:
+        '200':
+          description: Account deleted successfully
+        '400':
+          $ref: '#/components/responses/BadRequest'
+        '401':
+          $ref: '#/components/responses/Unauthorized'
+
+  /auth/refresh/:
+    post:
+      tags: [Authentication]
+      summary: Refresh auth token
+      description: Returns a new token if current token is in the renewal window (60-90 days old)
+      security:
+        - tokenAuth: []
+      responses:
+        '200':
+          description: Token refreshed
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  token:
+                    type: string
+        '401':
+          $ref: '#/components/responses/Unauthorized'
+
+  /health/live:
+    get:
+      tags: [Health]
+      summary: Liveness probe
+      description: Simple liveness check, always returns 200
+      responses:
+        '200':
+          description: Alive
+
+  /tasks/suggestions/:
+    get:
+      tags: [Tasks]
+      summary: Get personalized task template suggestions
+      description: Returns task templates ranked by relevance to the residence's home profile
+      security:
+        - tokenAuth: []
+      parameters:
+        - name: residence_id
+          in: query
+          required: true
+          schema:
+            type: integer
+      responses:
+        '200':
+          description: Suggestions with relevance scores
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  suggestions:
+                    type: array
+                    items:
+                      type: object
+                      properties:
+                        template:
+                          $ref: '#/components/schemas/TaskTemplate'
+                        relevance_score:
+                          type: number
+                        match_reasons:
+                          type: array
+                          items:
+                            type: string
+                  total_count:
+                    type: integer
+                  profile_completeness:
+                    type: number
+        '401':
+          $ref: '#/components/responses/Unauthorized'
+        '403':
+          $ref: '#/components/responses/Forbidden'
+
 # =============================================================================
 # Components
 # =============================================================================